[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

For those who are exhausted due to Forbidden repeated attacks on apache2.4

Hello.
I'm Mandai, in charge of Wild on the development team.

When I tried configuring apache 2.4 for the first time in a while, I was frustrated because I kept getting Forbidden, so I summarized what I tried.

 

This time's error details

The error I encountered this time is as follows.

[Mon Jun 05 09:45:45.490521 2017] [core:crit] [pid 8125] (13)Permission denied: [client 127.0.0.1:36174] AH00529: /var/www/vhosts/wordpress/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/var/www/vhosts/wordpress/' is executable, referer: http://wp.localhost/readme.html

 

The subdomain wp.localhost is assigned to 127.0.0.1 in /etc/hosts.
As you can imagine, this is a wordpress development subdomain.

Since I was reusing a VM created in the past with VirtualBox, I thought I could skip the settings around here!

This time, I decided to launch Eclipse on the desktop inside the VM and do some development, and restarted it to use two displays.
Now that I think about it, this wasn't a good thing.

 

This solution

After searching for an hour, I thought that all I could find was information related to permissions, and just as I was about to give up and go home, I noticed the SELinux characters that I had completely forgotten about.
At times like this, honestly

sudo setenforce 0

 

This is the only option.

It moved safely!

When you reboot, the previously executed setenforce is reset.
Since it was a temporary solution, I decided not to edit /etc/selinux/config.

In the end, I had forgotten that stance, and it was no longer a stance at all.

Basically, the VM is stopped by "save state", so it is not shut down in terms of the VM.

 

There are other possibilities

It seems that this error is not always caused by SELinux, and I found various answers.

 

If permissions are the cause

The document root directory (in this case, /var/www/vhosts/wordpress/) does not have viewing permissions, so the underlying files cannot be accessed.

This can be done by adding execute permission on the document root directory.

chmod +x /var/www/vhosts/wordpress/

 

There are some patterns like this.

 

If the cause is user privileges

Think about this first.
However, this is often not the case.

In the first place, files are not created with permissions like "770" or "750" in the development environment.
I would like to think based on "755" and "644".

 

Symbolic links are disabled

This happens embarrassingly sometimes.

Add Options FollowSymlinks.

We just have to be careful.

 

summary

In this case, I would like to use the following minimal httpd.conf configuration and do as little work as possible on environment construction.

<VirtualHost wp.localhost:80>ServerName wp.localhost DocumentRoot /var/www/vhosts/wordpress<Directory /var/www/vhosts/wordpress> Options FollowSymlinks Includes AllowOverride All Require all granted</Directory></VirtualHost>

 

I definitely don't want to forget this and the SELinux settings.

 
That's it.

If you found this article helpful , please give it a like!
0
Loading...
0 votes, average: 0.00 / 10
20,462
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author

Yoichi Bandai

My main job is developing web APIs for social games, but I'm also fortunate to be able to do a lot of other work, including marketing.
Furthermore, my portrait rights in Beyond are treated as CC0 by him.